package com.lxq.market.filter;

import com.lxq.market.model.User;
import com.lxq.market.util.SessionSignIn;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebFilter(urlPatterns = "/admin/*")
public class AdminFilter extends HttpFilter {
    SessionSignIn sign=SessionSignIn.getInstance();

    @Override
    protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
        User user = sign.find(req.getSession().getId());
        if (user==null) {
            req.setAttribute("interrupted",req.getRequestURL());
            req.getRequestDispatcher("/login.jsp").forward(req,res);
            return;
        }else if (!user.getUserPosition().equals("站长")){
            res.setContentType("text/html;charset=utf-8");
            res.getWriter().print("<h1>你没有权限进入</h1>");
            return;
        }
        chain.doFilter(req,res);
    }
}
